Unverified Commit 7efcac76 authored by openeuler-ci-bot's avatar openeuler-ci-bot Committed by Gitee

!4552 v4 CVE-2023-52340

Merge Pull Request from: @ci-robot 
 
PR sync from: Ziyang Xuan <william.xuanziyang@huawei.com>
https://mailweb.openeuler.org/hyperkitty/list/kernel@openeuler.org/message/RZCHKUJ5YROUKA2EYYOWER5S3744TT5V/ 
The patchset for CVE-2023-52340.

v4:
  - Resend.
v3:
  - Fix kabi broken.
v2:
  - Fix comment header.

Jon Maxwell (2):
  ipv6: remove max_size check inline with ipv4
  ipv6: Document that max_size sysctl is deprecated

Ziyang Xuan (1):
  ipv6: fix kabi broken in struct dst_ops


-- 
2.25.1
 
https://gitee.com/src-openeuler/kernel/issues/I8ZGOZ 
 
Link:https://gitee.com/openeuler/kernel/pulls/4552

 

Reviewed-by: Liu YongQiang <liuyongqiang13@huawei.com>
Reviewed-by: Yue Haibing <yuehaibing@huawei.com>
Signed-off-by: Zhang Changzhong <zhangchangzhong@huawei.com>
parents 6f003689 9ea037e5
+3 −0
@@ -96,6 +96,9 @@ route/max_size - INTEGER
	From linux kernel 3.6 onwards, this is deprecated for ipv4
	as route cache is no longer used.

	From linux kernel 6.3 onwards, this is deprecated for ipv6
	as garbage collection manages cached route entries.

neigh/default/gc_thresh1 - INTEGER
	Minimum number of entries to keep.  Garbage collector will not
	purge entries if there are fewer than this number.
+4 −6
@@ -2774,18 +2774,16 @@ static int ip6_dst_gc(struct dst_ops *ops)
{
	struct net *net = container_of(ops, struct net, ipv6.ip6_dst_ops);
	int rt_min_interval = net->ipv6.sysctl.ip6_rt_gc_min_interval;
	int rt_max_size = net->ipv6.sysctl.ip6_rt_max_size;
	int rt_elasticity = net->ipv6.sysctl.ip6_rt_gc_elasticity;
	int rt_gc_timeout = net->ipv6.sysctl.ip6_rt_gc_timeout;
	unsigned long rt_last_gc = net->ipv6.ip6_rt_last_gc;
	int entries;

	entries = dst_entries_get_fast(ops);
	if (entries > rt_max_size)
	if (entries > ops->gc_thresh)
		entries = dst_entries_get_slow(ops);

	if (time_after(rt_last_gc + rt_min_interval, jiffies) &&
	    entries <= rt_max_size)
	if (time_after(rt_last_gc + rt_min_interval, jiffies))
		goto out;

	net->ipv6.ip6_rt_gc_expire++;
@@ -2795,7 +2793,7 @@ static int ip6_dst_gc(struct dst_ops *ops)
		net->ipv6.ip6_rt_gc_expire = rt_gc_timeout>>1;
out:
	net->ipv6.ip6_rt_gc_expire -= net->ipv6.ip6_rt_gc_expire>>rt_elasticity;
	return entries > rt_max_size;
	return 0;
}

static int ip6_convert_metrics(struct net *net, struct fib6_info *rt,
@@ -5353,7 +5351,7 @@ static int __net_init ip6_route_net_init(struct net *net)
#endif

	net->ipv6.sysctl.flush_delay = 0;
	net->ipv6.sysctl.ip6_rt_max_size = 4096;
	net->ipv6.sysctl.ip6_rt_max_size = INT_MAX;
	net->ipv6.sysctl.ip6_rt_gc_min_interval = HZ / 2;
	net->ipv6.sysctl.ip6_rt_gc_timeout = 60*HZ;
	net->ipv6.sysctl.ip6_rt_gc_interval = 30*HZ;
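Review bot: In the first ip6_dst_gc hunk the `entries` value read through `dst_entries_get_fast()` / `dst_entries_get_slow()` is no longer consumed by any visible line, because both the `entries <= rt_max_size` test and `return entries > rt_max_size` are gone; the slower exact count is still taken on every call above `gc_thresh`, even when the min-interval gate then jumps straight to `out`. Three lines between the two hunks are not shown here; if `entries` is re-read there after the GC run, the read at the top is dead and can be dropped or moved below the `time_after()` check. The constant `return 0;` deserves a comment such as `/* int return kept for kABI; never reports failure, cache size is bounded by GC only */`, since the patch list suggests the signature is preserved for kABI and a reader cannot tell that from the code. In ip6_route_net_init, `ip6_rt_max_size` is still initialised (now to `INT_MAX`) but is no longer read in ip6_dst_gc, so a value an operator tuned earlier silently stops acting as a cap; a one-line comment at the initialiser saying the field is retained only for sysctl compatibility would make that explicit.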